public function __construct($id = NULL)
{
$this->db = DBConnection::getConnection();
if ($id == NULL) {
$this->new = TRUE;
} else {
$id = $this->db->quote($id);
$query = "SELECT * FROM {$this->sourceTab} WHERE ID={$id}";
try {
$res = $this->db->query($query);
if ($res->rowCount() != 1) {
$this->valid = FALSE;
} else {
$info = $res->fetch(PDO::FETCH_ASSOC);
$this->nid = $info['NID'];
$this->id = $info['ID'];
$this->password = $info["PASSWORD"];
$this->salt = $info["SALT"];
$this->valid = $info["VALID"];
$this->admin = $info["ADMIN"];
}
} catch (Exception $e) {
throw new Exception("Impossible to Execute Query that retrieve an user: " . $e->getMessage());
}
}
}
/**
* Class constructor
*
* @param string $readWriteMode "read", "write" or "admin"
* @throws ControllerException
*/
public function __construct($readWriteMode = 'write')
{
try {
$dbc = new DBConnection($readWriteMode);
$this->_dbh = $dbc->getConnection();
$this->_dbh->autocommit(TRUE);
} catch (Exception $e) {
throw new ControllerException('Problem connecting to database: ' . $this->_dbh->error);
}
}
public function delete()
{
if (isset($this->id)) {
$sql = 'DELETE FROM ' . static::$table . ' WHERE id=:id';
var_dump($sql);
$dbh = DBConnection::getConnection();
$sth = $dbh->prepare($sql);
$sth->setFetchMode(PDO::FETCH_CLASS, get_called_class());
$sth->execute(['id' => $this->id]);
}
}
function getCalendarByRange($id)
{
try {
$db = new DBConnection();
$db->getConnection();
$sql = "select * from `jqcalendar` where `id` = " . $id;
$handle = mysql_query($sql);
//echo $sql;
$row = mysql_fetch_object($handle);
} catch (Exception $e) {
}
return $row;
}
/**
returns true if $user has $role; false if $user does not have $role
*/
public static function userHasRole($user, $role)
{
$connection = DBConnection::getConnection();
$userID = $user->getID();
$roleID = $role->getID();
$statement = $connection->prepare("SELECT role_id FROM UserRoles WHERE user_id = :userID AND role_id = :roleID");
$statement->bindParam(":userID", $userID);
$statement->bindParam(":roleID", $roleID);
$statement->execute();
$result = $statement->fetch();
$userHasRole = $result !== false;
return $userHasRole;
}
/**
$where = 'WHERE [column_name]=:value'
$value = what should replace ':value' in $where
returns a User if the user is found or null otherwise
*/
private static function retrieveUserWhere($where, $value)
{
$connection = DBConnection::getConnection();
$sql = "SELECT id, username, password, name FROM Users WHERE {$where}";
$parameters[':value'] = $value;
$statement = DBConnection::executeSQLSelect($sql, $parameters);
$result = $statement->fetch();
if ($result === null) {
return null;
} else {
$user = new User($result['id'], $result['username'], $result['password'], $result['name']);
return $user;
}
}
function delAuthor()
{
// TODO : Escape String for SQL Statement
$authorId = $_GET[AUTHOR_ID];
$redirectPage = AUTHOR_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
$result = $conn->deleteAuthor($authorId);
header("Location: {$redirectPage}");
exit;
}
}
/**
Adds the announcement to the database.
returns true if the announcement was inserted successfully
*/
public static function addAnnouncement($title, $text, $creatorID)
{
$sql = "\n\t\t\tINSERT INTO Announcements\n\t\t\t(\n\t\t\t\tannouncer_id,\n\t\t\t\ttitle,\n\t\t\t\tannouncement,\n\t\t\t\tcreated_date\n\t\t\t)\n\t\t\tVALUES\n\t\t\t(\n\t\t\t\t:announcer_id,\n\t\t\t\t:title,\n\t\t\t\t:announcement,\n\t\t\t\t:created_date\n\t\t\t)\n\t\t";
$dateCreated = new DateTime();
$strDateCreated = $dateCreated->format('Y-m-d G:i:s');
$connection = DBConnection::getConnection();
$statement = $connection->prepare($sql);
$statement->bindParam(":announcer_id", $creatorID);
$statement->bindParam(":title", $title);
$statement->bindParam(":announcement", $text);
$statement->bindParam(":created_date", $strDateCreated);
$insertWasSuccessful = $statement->execute();
return $insertWasSuccessful;
}
function delCategory()
{
// TODO : Escape String for SQL Statement
$categoryId = $_GET[CATEGORY_ID];
$redirectPage = CATEGORY_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
$result = $conn->deleteCategory($categoryId);
header("Location: {$redirectPage}");
exit;
}
}
function delSection()
{
// TODO : Escape String for SQL Statement
$sectionId = $_GET[SECTION_ID];
$redirectPage = SECTION_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
$result = $conn->deleteSection($sectionId);
header("Location: {$redirectPage}");
exit;
}
}
function delPublisher()
{
// TODO : Escape String for SQL Statement
$publisherId = $_GET[PUBLISHER_ID];
$redirectPage = PUBLISHER_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
//var_dump($_POST);
$result = $conn->deletePublisher($publisherId);
header("Location: {$redirectPage}");
exit;
}
}
/**
* Constructor
* @param {string} $file caller for this object
* @throws Exception if cannot contact database
*/
function __construct($file)
{
// connect database
$this->file = $file;
$config = Config::getInstance();
$h = $config->getEnv("database_host");
$n = $config->getEnv("database_name");
$u = base64_decode($config->getEnv("database_user"));
$p = base64_decode($config->getEnv("database_pass"));
$l = $config->getEnv("debug_level");
$this->myLogger = new Logger($file, $l);
$this->conn = DBConnection::getConnection($h, $n, $u, $p);
if (!$this->conn) {
$this->errormsg = "{$file}::construct() cannot contact database";
throw new Exception($this->errormsg);
}
// check if exists resultset::fetch_all() method
$this->fall = method_exists('mysqli_result', 'fetch_all') ? true : false;
}
function removeCalendar($id)
{
$ret = array();
try {
$db = new DBConnection();
$db->getConnection();
$sql = "delete from `jqcalendar` where `id`=" . $id;
if (mysql_query($sql) == false) {
$ret['IsSuccess'] = false;
$ret['Msg'] = mysql_error();
} else {
$ret['IsSuccess'] = true;
$ret['Msg'] = 'Succefully';
}
} catch (Exception $e) {
$ret['IsSuccess'] = false;
$ret['Msg'] = $e->getMessage();
}
return $ret;
}
/**
* Will return one of the following:
*
* 2-D array of all comments from all users contained the 'Comments' table
* OR
* A string advising there are no comments in the 'Comments' table
*
* @return array|string
*/
public static function getComments()
{
// Get DB Connection
self::$DB = DBConnection::getConnection();
// Query for Read-Only. Order by comment date posted
$result = self::$DB->query("SELECT Comments.comm_Title, Comments.comm_Body, Comments.comm_Date_Posted, Users.user_Username FROM Comments INNER JOIN Users ON Comments.user_ID = Users.user_ID ORDER BY comm_Date_Posted DESC");
// Array to return to view
if ($result->rowCount() === 0) {
$comments = "No comments at this time";
} else {
$comments = [];
// Store the comments to return to the web view
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
// Title, Message, Logged-In Username and Date-Time stamp
$comments[] = $row;
}
}
// Nullify the DB object
$DB = null;
return $comments;
}
/**
*
* @return type
*/
protected function getConnection()
{
return $this->dbConnection->getConnection();
}
/**
* Metodo para almacenar la informacion de los errores en los querys ejecutados.
*
* @param string $queryOperation
* @param string $result
*/
private static function storeError($queryOperation, $result)
{
if (DBUtil::$storeErrors == true) {
$idUsuario = "NULL";
$time0 = time();
if (isset($_SESSION["usuario"])) {
$idUsuario = $_SESSION["usuario"]->getId();
}
$dbConObj = new DBConnection();
$query = "INSERT INTO system_log (fecha, query, result, was_error, query_time, id_usuario)" . " VALUES(now(),'" . mysql_real_escape_string($queryOperation, $dbConObj->getConnection()) . "','" . mysql_real_escape_string($result, $dbConObj->getConnection()) . "','1'," . (time() - $time0) . "," . $idUsuario . ")";
mysql_query($query, $dbConObj->getConnection());
$dbConObj->closeConnection();
}
}
checkNullwithRedirect(PUBLISHER_LIST_PAGE, $_GET[ITEM_ID]);
$actionType = ACTION_DEL;
$publisherId = $_GET[ITEM_ID];
$title = 'Del Publisher';
$editable = FALSE;
break;
case ACTION_ADD:
default:
break;
}
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/LibraryManagement/View/Shared/Header.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/LibraryManagement/Classes/DatabaseLogic/DBConnection.php';
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
$publisher = NULL;
if ($conn) {
$publisher = $conn->getAllPublisher();
}
$instance = NULL;
$publisherName = NULL;
$publisherAddress = NULL;
$publisherPhone = NULL;
switch ($actionType) {
case ACTION_EDIT:
case ACTION_DEL:
$instance = $publisher->getItem($publisherId);
//var_dump($instance);
$publisherName = $instance->getName();
$publisherAddress = $instance->getAddress();
/**
* Will return either an object of 'User' and data pertaining to that user
* or it will return 'false' indicating a user was not found
*
*
* @param $username
* @return bool|User
*
*/
public static function findUser($username)
{
// Get DB connection
$DB = DBConnection::getConnection();
// Query for Read-Only
$result = $DB->query("SELECT * FROM Users WHERE user_Username = '******'");
if ($result->rowCount() === 0) {
$userFound = false;
} else {
$result->setFetchMode(PDO::FETCH_ASSOC);
$row = $result->fetch();
$userFound = new User($row['user_ID'], $row['user_Username'], $row['user_Password'], $row['user_Date_Registered']);
}
return $userFound;
}
/**
* Metodo para almacenar la informacion de los errores en los querys ejecutados.
*
* @param string $queryOperation
* @param string $result
*/
private static function storeError($queryOperation, $result)
{
if (DBUtil::$STORE_LOGS) {
$idUsuario = "NULL";
$time0 = time();
if (isset($_SESSION["usuario"])) {
$idUsuario = $_SESSION["usuario"]->getId();
}
$query = "INSERT INTO system_log (fecha, query, result, was_error, query_time, id_usuario)" . " VALUES(now(),'" . str_replace("'", "\\'", $queryOperation) . "','" . str_replace("'", "\\'", $result) . "','1'," . (time() - $time0) . "," . $idUsuario . ")";
$dbConObj = new DBConnection();
mysql_query($query, $dbConObj->getConnection());
$dbConObj->closeConnection();
} else {
echo $result;
}
}
public function __construct()
{
self::$connect = DBConnection::getConnection($connector = new DBPostgreSQLService());
}
function get_info($info_id, $propaty = null)
{
global $DB_URI;
global $setup;
$ret = get_infoitem($info_id);
if (!$ret) {
return array();
}
$inst = DBConnection::getConnection($DB_URI);
$info = Info::getData($info_id);
$kind = $info["kind"] - 100;
if (!$propaty) {
// プロパティ
$propaty = get_info_propaty($inst, $kind);
}
//
// $list = array("info_id" => $info_id, "kind" => $kind, "propaty" => $propaty);
$list = array("info_id" => $info_id, "kind" => $kind, "info" => $setup["info"][$kind], "propaty" => $propaty);
$list_item = array();
$info = array();
$special = array();
foreach ($ret as $key => $val) {
if ($key == "special") {
$ary = explode(",", $val);
if ($ary) {
foreach ($ary as $val2) {
$key2 = "special" . $val2;
unset($item);
$item["title"] = $propaty[$key2];
$item["value"] = $val2;
if ($setup["icons"][$kind][$val2]) {
$item["icon"] = $setup["icons"][$kind][$val2];
}
$list[$key2] = $item;
$special[] = $item;
}
}
} else {
if ($propaty[$key]) {
unset($item);
if ($val) {
$item["title"] = $propaty[$key];
$item["value"] = $val;
$list[$key] = $item;
if (substr($key, 0, 4) == "info") {
$n = intval(substr($key, 4));
if ($n <= 10) {
// 一覧項目
$list_item[] = $item;
}
$info[] = $item;
}
}
} else {
if ($val) {
if ($key == "new" && $val) {
$list["new_flag"] = $val;
}
if ($key == "recommend" && $val) {
$list["recommend" . $val] = "1";
}
$list[$key] = $val;
}
}
}
if (substr($key, 0, 5) == "image") {
if ($val) {
$img = Image::getData($val);
if ($img) {
$list[$key . "_file"] = $img["save_name"];
$list[$key . "_info"] = $img;
}
}
}
if (substr($key, 0, 3) == "pdf") {
if ($val) {
$img = Image::getData($val);
if ($img) {
$list[$key . "_file"] = $img["save_name"];
$list[$key . "_info"] = $img;
}
}
}
}
$list["list_item"] = set_row($list_item, 2);
// 一覧用情報
$list["info"] = $info;
// 詳細用情報
$list["special"] = $special;
// こだわり
return $list;
}
include_once "../../common/handleresponse.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// access_token, occupation
$ret = array();
$access_token = $_POST["access_token"];
$postalcode = $_POST["postalcode"];
if (Validation::includeBlank($access_token, $postalcode)) {
HandleResponse::badRequest("Parameters are blank");
} else {
if (!Validation::isValidPostalcode($postalcode)) {
HandleResponse::badRequest("Invalid user postalcode");
} else {
$conn = null;
try {
$db = new DBConnection();
$conn = $db->getConnection();
mysqli_query($conn, "set autocommit = 0");
mysqli_query($conn, "begin");
$user_id = getUserIdFromToken($conn, $access_token);
if ($user_id == null) {
$ret = HandleResponse::badRequestReturn("Invalid Accesstoken");
} else {
// Update postal code
$ret = updatePostalcode($conn, $user_id, $postalcode);
}
mysqli_query($conn, "commit");
} catch (Exception $e) {
mysqli_query($conn, "rollback");
$ret = HandleResponse::badRequestReturn("Invalid Accesstoken");
}
print json_encode($ret);
public function IsConfigured()
{
if ($this->configured) {
return TRUE;
}
if ($this->db == NULL) {
$this->db = DBConnection::getConnection();
}
$query = "SELECT COUNT(*) AS C FROM USERS";
try {
$res = $this->db->query($query);
if ($res->rowCount() != 1) {
throw new Exception();
} else {
$info = $res->fetch(PDO::FETCH_ASSOC);
$this->configured = $info['C'] > 0;
}
} catch (Exception $e) {
throw new Exception("Impossible to Read Application Status");
}
return $this->configured;
}
try {
$config = new Config();
$page = new PJSWebPage($config->getTitle() . " - Reset DB", true);
$body = "<ul>\n";
$dbc = new DBConnection("admin", null, null, null, null, null, 'mysqli', true);
if (!$dbc->getCreatedDb()) {
// Database exists. Don't allow reset if the user is not logged in.
$auth = new Auth();
if (!$auth->isAuthorized()) {
throw new Exception("User must be logged in to reset the database!");
}
if ("1" !== $config->getResetOk()) {
throw new Exception("Reset capability is turned off! See config.xml");
}
}
$dbh = $dbc->getConnection();
foreach (array_reverse($controllerNames) as $controllerName) {
$controller = new $controllerName('write');
$controllers[$controllerName] = $controller;
if (method_exists($controller, 'dropTriggers')) {
$body .= "<li>Dropping Triggers: {$controllerName}</li>\n";
$controller->dropTriggers();
}
}
foreach ($controllers as $controllerName => $controller) {
$body .= "<li>Dropping Tables: {$controllerName}</li>\n";
$controller->dropTable();
}
foreach (array_reverse($controllers) as $controllerName => $controller) {
$body .= "<li>Creating Tables: {$controllerName}</li>\n";
$controller->createTable();
function printScripts($idInput, $idList)
{
$sql = "SELECT ID, NAME FROM SCRIPTS";
$db = DBConnection::getConnection();
$users = NULL;
try {
foreach ($db->query($sql) as $tmp) {
$id = $tmp['ID'];
$name = $tmp['NAME'];
echo "<li about=\"{$id}\" onclick=\"setSelectValue(this, '{$idInput}', '{$idList}')\">{$name}</li>";
}
} catch (Exception $e) {
throw new Exception("Impossible to retrieve the script list");
}
}
function delBookCopy()
{
// TODO : Escape String for SQL Statement
$barcodeId = $_GET[BOOK_BARCODE];
$redirectPage = BOOK_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
$result = $conn->deleteBookCopy($barcodeId);
header("Location: {$redirectPage}");
exit;
}
}
function delUser()
{
// TODO : Escape String for SQL Statement
$userId = $_POST[ACCOUNT_ID];
$redirectPage = USER_LIST_PAGE;
$user = getUserInfo();
$role = $user->getRole();
$conn = DBConnection::getConnection($role);
if ($conn) {
$result = $conn->deleteUser($userId);
header("Location: {$redirectPage}");
exit;
}
}
